package com.googlecode.afdbaccess.password;

import org.jasypt.util.password.StrongPasswordEncryptor;

public class PasswordHasher {
    /** Set this to something new and private in each project. When this is changed, all previously stored hashed passwords will become invalid, so it can not be changed once passwords have been stored. */
    private final static String constantH = "jgrFK8jhH&Wpew9";
    
    public static String hashPasswordForStorage(String cleartextPassword) {
        StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();
        return passwordEncryptor.encryptPassword(constantH + cleartextPassword);
    }

    public static boolean checkPassword(String cleartextPassword, String hashedPasswordFromDatabase) {
        if(hashedPasswordFromDatabase == null) {
            return false;
        }
        
        StrongPasswordEncryptor passwordEncryptor = new StrongPasswordEncryptor();

        return passwordEncryptor.checkPassword(constantH + cleartextPassword, hashedPasswordFromDatabase);
    }
}
